Skip to content
Licensed Unlicensed Requires Authentication Published by De Gruyter October 1, 2004

The shortest vectors of lattices connected with a linear congruent generator

  • A. S. Rybakov
From the journal

Let ε > 0 be a fixed real number, Rs be a full rank lattice with determinant Δ ∈ Q. We call this lattice ε-regular if λ1 () > Δ1/s (h(Δ))ε, where λ1() is the length of the shortest nonzero vector of and h(Δ) is the maximum of absolute values of the numerator and the denominator of the irreducible rational fraction for Δ. In this paper, we consider two full rank lattices in the space Rs: the lattice ℒ(a, W) connected with the linear congruent sequence

(xN), xN+1 = axN (mod W), N =1 ,2, . . . , (1)

and the lattice ℒ (a, W) dual to ℒ(a, W).

There is a conjecture which states that for any natural number s, any real number 0 < ε < ε0(s), and any natural number W > W0 (s, ε), the lattices ℒ(a, W) and ℒ(a, W) are ε-regular for all a = 0 ,1, . . . , W – 1 excluding some set of numbers a of cardinality at most W1–ε.

In the case s = 3, A. M. Frieze, J. Hestad, R. Kannan, J. C. Lagarias, and A. Shamir in a paper published in 1988 proved a more weak assertion (in their estimate the number of exceptional values a is at most W1– ε/2). Using the methods of this paper, it is not difficult to prove the conjecture for s = 1 and s = 2.

In our paper, we prove the conjecture for s = 4. With the help of our methods we improve the result of the paper mentioned above and prove the conjecture for s = 3.

Our result can be applied to the reconstruction of a linear congruent sequence (1) if the high-order bits of its first s elements are given.

Published Online: 2004-10-01
Published in Print: 2004-10-01

Copyright 2004, Walter de Gruyter

Downloaded on 4.8.2023 from https://www.degruyter.com/document/doi/10.1515/1569392042572203/html
Scroll to top button